The recently leaked Babuk Locker ransomware builder was used by a threat actor in an ongoing campaign targeting victims worldwide. The builder allows customizing ransomware encryptors and decryptors and the ransom note. It also generates decrypters that could be used by victims to recover the encrypted files. The ransomware gang broke into the Washington, D.C., Metropolitan Police Department, encrypted its files and demanded a $4 million ransom. It is unclear if the Babuk gang tried to sell their ransomware builder to a third party in a transaction that went bad.”]
Source: https://securityaffairs.co/wordpress/119611/malware/babuk-locker-attacks-ransomware-builder.html